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EXAMINER'S ANSWER 



This is in response to the appeal brief filed 24 February 2010 appealing from the Office action 
mailed 25 August 2009. 
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(1) Real Party in Interest 

A statement identifying by name the real party in interest is contained in the brief. 

(2) Related Appeals and Interferences 

The examiner is not aware of any related appeals, interferences, or judicial proceedings which will 
directly affect or be directly affected by or have a bearing on the Board's decision in the pending 
appeal. 

(3) Status of Claims 

The statement of the status of claims contained in the brief is correct. 

(4) Status of Amendments After Final 

The appellant's statement of the status of amendments after final rejection contained in the brief is 
correct. 

(5) Summary of Claimed Subject Matter 

The summary of claimed subject matter contained in the brief is correct. 

(6) Grounds of Rejection to be Reviewed on Appeal 

The appellant's statement of the grounds of rejection to be reviewed on appeal is substantially correct. 

(7) Claims Appendix 

The copy of the appealed claims contained in the Appendix to the brief is correct. 

(8) Evidence Relied Upon 

U.S. Patent 6,161,139 Win 12-2000 

U.S. Pub 2002/0029339 Rowe 3-2002 

U.S. Patent 6,202,066 Barkley 3-2001 
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(9) Grounds of Rejection 

The following ground(s) of rejection are applicable to the appealed claims: 

Claim Rejections - 35 USC §103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness rejections 
set forth in this Office Action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as 
set forth in section 102 of this title, if the differences between the subject matter sought to be 
patented and the prior art are such that the subject matter as a whole would have been obvious 
at the time the invention was made to a person having ordinary skill in the art to which said 
subject matter pertains. Patentability shall not be negatived by the manner in which the invention 
was made. 



Claims 1, 4-5, 7-8, 10-16, 18-22, 25-45 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Win, U.S. 6,161,139 ("Win"), in view of Rowe, U.S. Pub 2002/0029339 ("Rowe"). 

Re claim 1 : (Currently amended) Win discloses a computer-implemented method for specifying and 
enforcing entitlements for performance of financial transactions, the method comprising: 

in a computer system having at least a processor and memory, providing a hierarchical 
entitlement structure with inheritance for specifying entitlements for performing financial 
transactions (column 4, lines 22-26; column 5, lines 7-8); 
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receiving user input for defining a plurality of entitlement groups of said hierarchical entitlement 
structure, wherein each entitlement group has specified permissions to perform financial 
transactions (column 15, lines 15-21; column 4, lines 24-26); 

Win doesn't explicitly disclose the limitation comprising wherein each entitlement group has specified 
limits on performance of said financial transactions, and membership of each user. Rowe, however, 
makes this teaching in a related endeavor (paragraph 12, lines 5-13; paragraph 14). Rowe discloses 
as his invention a method and apparatus for facilitating monetary and commercial transactions and for 
securely storing data. The present invention relates to methods and devices for permitting monetary 
transactions, such as the transfer of funds and the payment of monies, for facilitating commercial 
transactions, such as the purchase of goods, and for securely storing data. It would have been obvious 
to one of ordinary skill in the art at the time of the invention to combine the teaching of Rowe with 
those of Win as discussed above for the motivation of establishing entitlement to access the account 
(Rowe, abstract). 

Win further discloses: 

in response to a particular user request to perform a financial transaction at runtime, identifying 
the particular user's membership in a certain entitlement group (column 5, lines 45-55); 

determining whether to allow the particular user to perform the financial transaction based on 
permissions and limits of said hierarchical entitlement structure applicable to the particular user's 
performance of the financial transaction (column 4, lines 15-18). 

Re claim 4 : (Original) Win in view of Rowe teaches the limitation of claim 1 as described above. Win 
further teaches the limitation wherein said step of defining a plurality of entitlement groups includes 
defining permissions to access particular objects in a financial application (column 5, lines 22-29). 
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Re claim 5 : (Original) Win in view of Rowe teaches the limitation of claim 4 as described above. Win 
further teaches the limitation wherein said step of defining a plurality of entitlement groups includes 
defining permissions to perform functions on said particular objects (column 5, lines 22-32). 

Re claim 7 : (Original) Win in view of Rowe teaches the limitation of claim 4 as described above. Win 
doesn't explicitly teach the limitation wherein said limits comprise limitations on values of financial 
transactions to be performed. Rowe, however, makes this teaching (paragraph 12, lines 5-13, 
paragraph 14). It would have been obvious to one of ordinary skill in the art at the time of the 
invention to combine the teaching of Rowe with those of Win as discussed above for the motivation of 
establishing entitlement to access the account (Rowe, abstract). 

Re claim 8 : (Original) Win in view of Rowe teaches the limitation of claim 4 as described above. Win 
doesn't explicitly teach the limitation wherein said step of defining a plurality of entitlement groups 
includes defining limits comprising a selected one of per-transaction limits and cumulative limits over a 
period of time. Rowe, however, makes this teaching (paragraph 12, lines 5-13; paragraphs 14 and 
43). It would have been obvious to one of ordinary skill in the art at the time of the invention to 
combine the teaching of Rowe with those of Win as discussed above for the motivation of facilitating a 
commercial transaction (Rowe, paragraph 14). 

Re claim 10 : (Original) Win in view of Rowe teaches the limitation of claim 1 as described above. Win 
further teaches the limitation wherein said step of defining a plurality of entitlement groups includes 
defining limits applicable to individual users (column 16, lines 59-67). 

Re claim 11 : (Original) Win in view of Rowe teaches the limitation of claim 1 as described above. Win 
further teaches the limitation wherein said step of defining a plurality of entitlement groups includes 
defining limits applicable collectively to members of an entitlement group (column 16, lines 59-67). 
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Re claim 12 : (Original) Win in view of Rowe teaches the limitation of claim 1 as described above. Win 
further teaches the limitation wherein said step of defining a plurality of entitlement groups includes 
defining limits applying collectively to a particular entitlement group and children entitlement groups 
of said particular entitlement group in said hierarchical entitlement structure (column 16, lines 59-67). 

Re claim 13 : (Original) Win in view of Rowe teaches the limitation of claim 1 as described above. Win 
doesn't explicitly teach the limitation further comprising tracking financial transactions performed for 
purposes of determining compliance with limits. Rowe, however, makes this teaching (paragraph 103, 
lines 1-9; paragraph 149, lines 1-9). It would have been obvious to one of ordinary skill in the art at 
the time of the invention to combine the teaching of Rowe with those of Win as discussed above for 
the motivation of facilitating a commercial transaction (Rowe, paragraph 14). 

Re claim 14 : (Original) Win in view of Rowe teaches the limitation of claim 13 as described above. Win 
doesn't explicitly teach the limitation wherein said step of tracking financial transactions performed 
includes maintaining running total values of financial transactions performed in cache for improved 
performance. Rowe, however, makes this teaching (paragraph 103, lines 1-9; paragraph 149, lines 1- 
9). It would have been obvious to one of ordinary skill in the art at the time of the invention to 
combine the teaching of Rowe with those of Win as discussed above for the motivation of storing 
account information and receiving and transmitting account data such as data representing fund 
transfers and the like (Rowe, paragraph 103, lines 1-4). 

Re claim 15: (Original) Win in view of Rowe teaches the limitation of claim 14 as described above. Win 
doesn't explicitly teach the limitation wherein said step of determining whether to allow the particular 
user to perform the financial transaction includes determining whether any limits have been exceeded 
based on the running total values and the value of the financial transaction requested by the particular 
user. Rowe, however, makes this teaching (paragraph 103, lines 1-9; paragraph 149, lines 1-9). It 
would have been obvious to one of ordinary skill in the art at the time of the invention to combine the 
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teaching of Rowe with those of Win as discussed above for the motivation of facilitating a commercial 
transaction (Rowe, paragraph 14). 

Re claim 16: (Original) Win in view of Rowe teaches the limitation of claim 1 as described above. Win 
further teaches the limitation further comprising: maintaining permission information for entitlement 
groups in the hierarchical entitlement structure in cache to improve system performance (column 2, 
lines 60-67; column 3, lines 1-7). 

Re claim 18 : (Original) Win in view of Rowe teaches the limitation of claim 1 as described above. Win 
further teaches the limitation wherein permissions provided to an entitlement group include 
permissions to administer a certain other entitlement group (column 2, lines 35-43; column 24, lines 
39-40). 

Re claim 19 : (Original) Win in view of Rowe teaches the limitation of claim 18 as described above. Win 
further teaches the limitation wherein permissions to administer a particular entitlement group include 
modifying permissions of said certain other entitlement group (column 2, lines 25-43). 

Re claim 20 : (Original) Win in view of Rowe teaches the limitation of claim 18 as described above. Win 
further teaches the limitation wherein said permissions to administer a certain other entitlement group 
are subject to limitations defined for the entitlement group having said permissions to administer 
(column 24, lines 39-40; column 16, lines 59-64). 

Re claim 21 : (Original) Win in view of Rowe teaches the limitation of claim 1 as described above. Win 
further teaches the limitation wherein permissions provided to an entitlement group include 
permissions to extend a certain other entitlement group (column 15, lines 63-67). 



Re claim 22 : (Original) Win in view of Rowe teaches the limitation of claim 21 as described above. Win 
further teaches the limitation wherein permissions to extend a certain other entitlement group include 
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permissions to define a child entitlement group of said particular entitlement group (column 16, lines 
59-64). 

Re claim 23 : (Canceled) 
Re claim 24: (Canceled) 

Re claim 25 : (Previously presented) Win discloses a system for specifying and enforcing entitlements 
for performance of financial transactions, the system comprising: 

a computer having at least a processor and memory (column 4, lines 27-31); 

a hierarchical entitlement structure with inheritance for specifying entitlements for performing 
financial transactions (column 4, lines 22-26; column 5, lines 7-8); 

a user input module for specifying a plurality of entitlement groups of said hierarchical 
entitlement structure, wherein each entitlement group has specified permissions to perform 
financial transactions (column 15, lines 15-21; column 4, lines 24-26); 

Win doesn't explicitly disclose the limitation comprising wherein each entitlement group has specified 
limits on performance of said financial transactions, and user membership. Rowe, however, makes 
this teaching in a related endeavor (paragraph 12, lines 5-13; paragraph 14). Rowe discloses as his 
invention a method and apparatus for facilitating monetary and commercial transactions and for 
securely storing data. The present invention relates to methods and devices for permitting monetary 
transactions, such as the transfer of funds and the payment of monies, for facilitating commercial 
transactions, such as the purchase of goods, and for securely storing data. It would have been obvious 
to one of ordinary skill in the art at the time of the invention to combine the teaching of Rowe with 
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those of Win as discussed above for the motivation of establishing entitlement to access the account 
(Rowe, abstract). 

Win further discloses: 

an enforcement module for determining, in response to a particular user's request to perform a 
given financial transaction at runtime, whether to allow the particular user to perform the 
financial transaction based on permissions and limits of said hierarchical entitlement structure 
applicable to the entitlement group of which the particular user is a member (column 2, lines 52- 
65). 

Re claim 26 : (Previously Presented) The claim recites limitations already addressed by the rejection of 
claims 2 above, therefore the same rejection applies. 

Re claim 27 : (Previously Presented) The claim recites limitations already addressed by the rejection of 
claims 3 above, therefore the same rejection applies. 

Re claim 28 : (Previously Presented) The claim recites limitations already addressed by the rejection of 
claims 4 above, therefore the same rejection applies. 

Re claim 29 : (Previously Presented) The claim recites limitations already addressed by the rejection of 
claims 5 above, therefore the same rejection applies. 

Re claim 30 : (Previously Presented) The claim recites limitations already addressed by the rejection of 
claims 6 above, therefore the same rejection applies. 



Re claim 31 : (Previously Presented) The claim recites limitations already addressed by the rejection of 
claims 7 above, therefore the same rejection applies. 
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Re claim 32 : (Previously Presented) The claim recites limitations already addressed by the rejection of 
claims 8 above, therefore the same rejection applies. 

Re claim 33 : (Previously Presented) The claim recites limitations already addressed by the rejection of 
claims 9 above, therefore the same rejection applies. 

Re claim 34 : (Previously Presented) The claim recites limitations already addressed by the rejection of 
claims 10 above, therefore the same rejection applies. 

Re claim 35 : (Previously Presented) The claim recites limitations already addressed by the rejection of 
claims 11 above, therefore the same rejection applies. 

Re claim 36 : (Previously Presented) The claim recites limitations already addressed by the rejection of 
claims 12 above, therefore the same rejection applies. 

Re claim 37 : (Previously Presented) The claim recites limitations already addressed by the rejection of 
claims 13 above, therefore the same rejection applies. 

Re claim 38 : (Previously Presented) The claim recites limitations already addressed by the rejection of 
claims 14 above, therefore the same rejection applies. 

Re claim 39 : (Previously Presented) The claim recites limitations already addressed by the rejection of 
claims 15 above, therefore the same rejection applies. 



Re claim 40 : (Previously Presented) The claim recites limitations already addressed by the rejection of 
claims 16 above, therefore the same rejection applies. 
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Re claim 41 : (Previously Presented) The claim recites limitations already addressed by the rejection of 
claims 17 above, therefore the same rejection applies. 

Re claim 42 : (Previously Presented) The claim recites limitations already addressed by the rejection of 
claims 18 above, therefore the same rejection applies. 

Re claim 43 : (Previously Presented) The claim recites limitations already addressed by the rejection of 
claims 19 above, therefore the same rejection applies. 

Re claim 44 : (Previously Presented) The claim recites limitations already addressed by the rejection of 
claims 20 above, therefore the same rejection applies. 

Re claim 45 : (Currently amended) Win discloses a method for defining and enforcing permissions and 
limits on performance of financial transactions in a banking system, the method comprising: 

in a banking system implemented in a computer system having at least a processor and memory, 
receiving user input defining a plurality of entitlement groups, wherein each entitlement group 
has specified users, permissions to perform financial transactions (column 4, lines 27-31); 

Win doesn't explicitly disclose wherein each entitlement group has limits on performance of said 
financial transactions. Rowe, however, makes this teaching in a related endeavor (paragraph 12, lines 
5-13; paragraph 14). Rowe discloses as his invention a method and apparatus for facilitating 
monetary and commercial transactions and for securely storing data. The present invention relates to 
methods and devices for permitting monetary transactions, such as the transfer of funds and the 
payment of monies, for facilitating commercial transactions, such as the purchase of goods, and for 
securely storing data. It would have been obvious to one of ordinary skill in the art at the time of the 
invention to combine the teaching of Rowe with those of Win as discussed above for the motivation of 
establishing entitlement to access the account (Rowe, abstract). 
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Win further discloses: 

organizing said plurality of entitlement groups into hierarchical structure with inheritance 
specifying permissions and limits for performing financial transactions (column 4, lines 22-26; 
column 5, lines 7-8); 

in response to a particular user request to perform a financial transaction in the banking system 
at runtime, identifying the particular user's membership in a certain entitlement group (column 5, 
lines 2-13); 

determining whether to allow the particular user to perform the financial transaction based on 
permissions and limits of said hierarchical entitlement structure applicable to the particular user's 
performance of the financial transaction (column 2, lines 52-65). 

Claims 2-3, 6, 9, 17 are rejected under 35 U.5.C. 103(a) as being unpatentable over Win, U.S. 
6,161,139 ("Win"), in view of Rowe, U.S. Pub 2002/0029339 f Rowe"). as applied to claims 1, 4-5, 7- 
8. 10-16 described above, further in view of Barkley, U.S. 6,202,066 PBarkley"). 

Re claim 2 : (Original) Win in view of Rowe teaches the limitation of claim 1 as described above. Win 
doesn't explicitly teach the limitation wherein said hierarchical entitlement structure provides that a 
given entitlement group inherits permissions provided to its parent entitlement group in said 
hierarchical entitlement structure. Barkley, however, makes this teaching (column 9, lines 48-60). It 
would have been obvious to one of ordinary skill in the art at the time of the invention to combine the 
teaching of Barkley with those of Win as discussed above for the motivation of knowing whether 
access is provided as a result of the permissions defined for the role or group itself or is based on 
permissions associated with inherited roles or groups (Barkley, column 10, lines 1-4). 
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Re claim 3 : (Original) Win in view of Rowe and further in view of Barkley teaches the limitation of 
claim 2 as described above. Win further teaches the limitation wherein said step of defining a plurality 
of entitlement groups includes restricting permissions inherited by an entitlement group from its 
parent entitlement group in said hierarchical entitlement structure (column 11, lines 39-43; column 
13, lines 14-15). 

Re claim 6 : (Original) Win in view of Rowe teaches the limitation of claim 4 as described above. Win 
doesn't explicitly teach the limitation wherein at least some of said particular objects represent bank 
accounts. Barkley, however, makes this teaching (column 11, table 1). It would have been obvious to 
one of ordinary skill in the art at the time of the invention to combine the teaching of Barkley with 
those of Win as discussed above for the motivation of effectuating bank policy (column 11, lines 60- 
61). 

Re claim 9 : (Original) Win in view of Rowe teaches the limitation of claim 1 as described above. Win 
doesn't explicitly teach the limitation wherein said step of defining a plurality of entitlement groups 
includes defining permissions applying to a selected one of functions of a financial application and 
objects of a financial application. Barkley, however, makes this teaching (column 11, lines 57-67; 
column 12, lines 1-32). It would have been obvious to one of ordinary skill in the art at the time of 
the invention to combine the teaching of Barkley with those of Win as discussed above for the 
motivation of implementing bank policy (Barkley, column 11, lines 57-59). 

Re claim 17 : (Original) Win in view of Rowe teaches the limitation of claim 16 as described above. Win 
doesn't explicitly teach the limitation wherein said permission information is modeled as three-tuples 
representing negative permissions. Barkley, however, makes this teaching (column 11, lines 57-67; 
column 12, lines 1-32). It would have been obvious to one of ordinary skill in the art at the time of the 
invention to combine the teaching of Barkley with those of Win as discussed above for the motivation 
of implementing bank policy (Barkley, column 11, lines 57-59). 



Application/Control Number: 10/708,920 
Art Unit: 3695 



Page 14 



(10) Response to Argument 

Claims 1. 4-5, 7-8, 10-16, 18-22 and 25-45 

With regard to the claims above, Appellants argue that Win does not provide any discussion of 
Financial transactions being performed and thus, there is nothing to teach or remotely suggest how 
one might use Win's system to specify and enforce permissions and limits for performing financial 
transactions. 

The Office respectfully disagrees, and maintains that the prior art references, used in rejecting the 
claims, clearly and expressly discloses all the recited features of the claims, as currently presented, 
and that Applicant has misinterpreted and/or not fully considered all the teachings and disclosures of 
the prior arts of record. 

Win discloses as his invention a method that comprises storing information that defines administrative 
roles, that associates a user with one or more of the administrative roles, and that associates each 
administration role with one or more administrative privileges. Win generally relates to methods of 
controlling access to protected information resources in a network environment, and, more 
specifically, to methods, apparatus, and products for managing and administering, from several 
distributed locations, a system for facilitating secure and selective access to network resources based 
on a role of a user of the resources. As such, the teachings of Win are found in a field of endeavor, 
which, while not unrelated, is also within the scope and reasoning of one of ordinary skill in the art. 

The 25 August 2009 Office Action points to Win, at least column 2, lines 66-67; column 3, lines 1-7; 
column 11, lines 40-44; column 5, lines 18-21, which recites: 
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"According to one feature, information is stored that associates each of a plurality of users with 
one or more administrative roles. At least two users administer the access control computer 
system from different locations, or from computers connected to two different local area 
networks." 

According to another feature, information is stored that associates a user with administrative 
roles, and that associates the administrative role with on or more other roles." 

"...the Personalized Menu Service constructs a personalized menu of resources showing only those 
resources that the user is authorized to access according to the user's profile information, 
including the user's roles and privileges." 

"In some embodiments, the term User Type or Person Type refers to employees, directors, 
officers, contractors, customers, distributors, etc., and Role refers to a job function such as sales 
representative, financial analyst, etc." 

From the above disclosure, it is apparent that Win is directed towards administering roles that govern 
access to administrative functions and describes means by which authorization (permission) to 
perform a certain function (i.e. financial transaction) is provided to persons tasked with performing 
certain roles or functions (i.e. financial analyst). The limitations for the claims above as written, do not 
differentiate from the disclosure described above and are therefore interpreted broadly. 

Win doesn't explicitly disclose the limitation specifying limits for performing financial transactions. 
Rowe, however, is relied upon to disclose this feature. Rowe discloses as his invention a method and 
apparatus for facilitating monetary and commercial transactions and for securely storing data. Rowe 
relates to methods and methods and devices for permitting monetary transactions, such as the 
transfer of funds and the payment of monies. As such, the teachings of Rowe are found in field of 
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endeavor, which, while not unrelated, is also within the scope and reasoning of one of ordinary skill in 
the art. 

The 25 August 2009 Office Action points to Rowe, at least paragraphs 12 and 14, which recites: 

"This method comprises the steps of providing customer data to the account provider, establishing 
an account type, assigning a value limit for the account, depositing funds in the financial account 
in an amount not exceeding the value limit, assigning the financial account an expiration date 
after which access to the financial account is generally prohibited by a user, and generating an 
account signature for use in establishing later entitlement to access the financial account." 

"One or more embodiments of the invention comprise a method of facilitating a commercial 
transaction comprising establishing a financial account, the account having a maximum funds 
limit , funds associated therewith not exceeding the limit ..." 

From the above disclosure, it apparent that Rowe discloses the limitation comprising specifying limits 
for performing financial transactions. The limitations for the claims above as written, do not 
differentiate from the disclosure described above and are therefore interpreted broadly. As such, the 
rejection with regard to the above argument with regard to Win and Rowe should be maintained 
accordingly. 

Appellants further argue that Win does not include or makes no mention of a hierarchical entitlements 
structure with inheritance, or entitlements between roles for performing financial transactions. 

The Office respectfully disagrees, and maintains that the prior art references, used in rejecting the 
claims, clearly and expressly discloses all the recited features of the claims, as currently presented, 
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and that Applicant has misinterpreted and/or not fully considered all the teachings and disclosures of 
the prior arts of record. 

The 25 August 2009 Office Action points to Win, at least column 4, lines 22-26; column 5, lines 2-8; 
column 18, lines 25-34, which recites: 

"Users are individuals who have a relationship with an organization and play various roles , and are 
registered in the system 2. Users may be members of an organization , or may be customers, 
suppliers, or business partners of the organization. Administrators control the system." 

"A Role may reflect a relationship of a User to the organization (employee, customer, distributor, 
supplier), their department within an organization (sales, marketing, engineering) or any other 
affiliation or function (member of quality task force, hotline staff member) that defines their 
information needs and thus their access rights or privileges ." 

"Any user who is assigned the role of "Sales Manager" in the future will automatically have access 
to the "National Sales Report" resource. If the administrator later un-assigns "Sales Manager" 
from the "National Sales Report" resource, then all users associated with the "Sales Manager" role 
will automatically lose access to the resource." 

From the above disclosure, it apparent that Win discloses a hierarchical entitlements structure with 
inheritance between roles. The limitation for the claim above as written, does not differentiate from 
the disclosure described above and is therefore interpreted broadly. As such, the rejection with regard 
to the above argument with regard to Win should be maintained accordingly. 
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Appellants further argue that Rowe's teachings are not comparable as the limitations described by 
Rowe are tied to particular accounts rather than to users or roles or an entitlement group. 

The Office respectfully disagrees, and maintains that the prior art references, used in rejecting the 
claims, clearly and expressly discloses all the recited features of the claims, as currently presented, 
and that Applicant has misinterpreted and/or not fully considered all the teachings and disclosures of 
the prior arts of record. 

The 25 August 2009 Office Action points to Rowe, at least paragraph 40, which recites: 

"In a step Sle, the account provider assigns the account with a maximum funds value or value 
limit... Most often, the maximum value will comprise the amount of an initial deposit into the 
account by the customer." 

It apparent from the above disclosure that Rowe discloses wherein both transaction limits as well as 
cumulative limits are established for a financial transaction as follows: (Paragraph 40). In this case, a 
deposit into the account is allowed to accumulate up to the maximum deposit limit ("cumulative limit") 
set by the account provider for the account. Also, the maximum number of transactions permitted 
("per transaction limit") is limited only by the number of deposit transactions necessary to fund the 
account up to the maximum amount permitted for the account. 

Rowe also teaches wherein transaction limits are imposed by the account provider as follows: 

"This method comprises the steps of providing customer data to the account provider, establishing 
an account type, assigning a value limit for the account, depositing funds in the financial account 
in an amount not exceeding the value limit , assigning the financial account an expiration date 
after which access to the financial account is generally prohibited by a user..." [Abstract]. 
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In this case, the expiration date set by the account provider for transacting with the financial account 
serves the same purpose as limiting the number of transactions permitted for the account. 

In another instance, Rowe discloses wherein transaction limits and cumulative limits for the account 
provider to follow are set by the user of the account for as follows: 

"The customer may arrange the account such that funds are debited and transferred to the charity 
[or any other account] at one or more predetermined times and for one or more predetermined 
amounts" [Paragraph 35]. 

In this case, an account is permitted to be transacted upon only during the periods or times set for 
transacting whereas the maximum amount(s) permitted during the processing of the account is 
limited by the user. The limitations for the claims above as written, do not differentiate from the 
disclosure described above and are therefore interpreted broadly. As such, the rejection with regard to 
the above argument with regard to Rowe should be maintained accordingly. 

Claims 12 and 36 

With regard to the claims above, Appellants argue that Win makes no mention of a hierarchical 
entitlements structure in which a particular entitlement group has a child entitlement group. 

The Office respectfully disagrees, and maintains that the prior art references, used in rejecting the 
claims, clearly and expressly discloses all the recited features of the claims, as currently presented, 
and that Applicant has misinterpreted and/or not fully considered all the teachings and disclosures of 
the prior arts of record. 

The 25 August 2009 Office Action points to Win, at least column 15, lines 64-67; 16, lines 59-67, 
which recites: 
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"...Administration Application 114 can delegate administration of users, roles, servers of the 
system to other administrators. The system 2 defines a special type of role, called an Admin. 
Role." 

"The Role Admin privilege may be delegated to owners of a particular resource, for example the 
technical support database. Administrators in the Technical Support Department would be able to 
control who has access to that resource by assigning or removing roles associated with that role 
from user accounts. The list of roles that may be managed by an administrator with this privilege 
is limited to roles that have been assigned to their associated Admin Role record." 

Rowe discloses the assigning or removing of roles within an organization by administrators who may 
be delegated the role of administering access privileges by other administrators. In the above instance 
(Technical Support Department example), the role of controlling access was delegated to the group by 
an administrator in order for access privileges to be handled by the department itself. Rowe thus 
teaches an entitlements structure within an organization in which a particular group has a child or 
dependent entitlement group. The limitation for the claim above as written, does not differentiate from 
the disclosure described above and is therefore interpreted broadly. As such, the rejection with regard 
to the above argument with regard to Win should be maintained accordingly. 

Claims 8 and 32 

With regard to the claims above, Appellants argue that Rowe's teachings of single value limits 
associated with a given financial account and Appellant's claimed invention providing for per- 
transaction and cumulative limits which are applicable to particular users or roles are not comparable. 

The Office respectfully disagrees, and maintains that the prior art references, used in rejecting the 
claims, clearly and expressly discloses all the recited features of the claims, as currently presented, 
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and that Applicant has misinterpreted and/or not fully considered all the teachings and disclosures of 
the prior arts of record. 

The 25 August 2009 Office Action points to Rowe, at least paragraph 40, which recites: 

"In a step Sle, the account provider assigns the account with a maximum funds value or value 
limit... Most often, the maximum value will comprise the amount of an initial deposit into the 
account by the customer." 

It apparent from the above disclosure that Rowe discloses wherein both transaction limits as well as 
cumulative limits are established for a financial transaction as follows: (Paragraph 40). In this case, a 
deposit into the account is allowed to accumulate up to the maximum deposit limit ("cumulative limit") 
set by the account provider for the account. Also, the maximum number of transactions permitted 
("per transaction limit") is limited only by the number of deposit transactions necessary to fund the 
account up to the maximum amount permitted for the account. 

Rowe also teaches wherein transaction limits are imposed by the account provider as follows: 

"This method comprises the steps of providing customer data to the account provider, establishing 
an account type, assigning a value limit for the account, depositing funds in the financial account 
in an amount not exceeding the value limit , assigning the financial account an expiration date 
after which access to the financial account is generally prohibited by a user..." [Abstract]. 

In this case, the expiration date set by the account provider for transacting with the financial account 
serves the same purpose as limiting the number of transactions permitted for the account. 

In another instance, Rowe discloses wherein transaction limits and cumulative limits for the account 
provider to follow are set by the user of the account for as follows: 
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"The customer may arrange the account such that funds are debited and transferred to the charity 
[or any other account] at one or more predetermined times and for one or more predetermined 
amounts" [Paragraph 35]. 

In this case, an account is permitted to be transacted upon only during the periods or times set for 
transacting whereas the maximum amount(s) permitted during the processing of the account is 
limited by the user. The limitation for the claim above as written, does not differentiate from the 
disclosure described above and is therefore interpreted broadly. As such, the rejection with regard to 
the above argument with regard to Rowe should be maintained accordingly. 

Claims 26 and 27 

With regard to the claims above, Appellants argue that Win and Rowe do not teach a hierarchical 
entitlement structure with inheritance in which permissions are inherited from above. 

The Office respectfully disagrees, and maintains that the prior art references, used in rejecting the 
claims, clearly and expressly discloses all the recited features of the claims, as currently presented, 
and that Applicant has misinterpreted and/or not fully considered all the teachings and disclosures of 
the prior arts of record. 

Barkley discloses wherein permissions are inherited by an entitlement group from its parent 
entitlement group in a hierarchical entitlement structure. The 25 August 2009 Office Action points to 
Barkley which recites: 

"The capability for one role to inherit another role - that is, for example, while members of 
"manager" have their own permissions, they may also inherit those of "subordinate" - is a 
common feature of RBAC models. Such a "role hierarchy" is implemented by a strict partial 
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ordering on the set of roles. One can think of role inheritance as the capability for one role to be 
authorized for (or "included in") another role" [column 9, lines 48-55]. 

"Similarly, the members of branch_manager have permission to read the accounts directory and 
account files, and to read and delete suggestion files, as noted above, while the members of 
employee have permission to read all employee files, but do not have permission to access files or 
directories associated with Object Access Type accounts" [column 12, lines 7-12]. 

It is apparent that Barkley's approach to inheritance describes an inheritance structure wherein roles 
occupying a higher level in the organization (e.g. "branch_manager") are permitted greater access 
privileges compared to roles occupying lower levels within the same organization (e.g. "members of 
employee") whose access privileges are more restricted. Thus Barkley's inheritance approach teaches 
a "top-down" inheritance methodology. The limitations for the claims above as written, do not 
differentiate from the disclosure described above and are therefore interpreted broadly. As such, the 
rejection with regard to the above argument with regard to Barkley should be maintained accordingly. 

Claim 30 

With regard to the claim above, Appellants argue that Win and Rowe do not teach wherein at least 
some of said particular objects represent bank accounts. 

The Office respectfully disagrees, and maintains that the prior art references, used in rejecting the 
claims, clearly and expressly discloses all the recited features of the claims, as currently presented, 
and that Applicant has misinterpreted and/or not fully considered all the teachings and disclosures of 
the prior arts of record. 

Barkley discloses wherein at least some of said particular objects represent bank accounts. The 25 
August 2009 Office Action points to Barkley which recites: 
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"Table 1 thus illustrates a typical method of providing employees of varying responsibility, where 
the roles/groups and their hierarchy are as shown in Fig. 1, with appropriate access to various 
files maintained by the bank's computer system. ..such as files related to depositor account 
information and employee information" [column 11, lines 20-25] 

"In the example, role/group permissions defined for each of four Object Access Types (OATs) 
according to the invention are shown in Table 1, as follows. The OATs accounts apply to files that 
contain individual account information and to directories that hold such files." [column 11, lines 
40-44] 

The above passages recite wherein at least some object types (e.g. "OATs") refer to "account" 
elements. The limitations for the claims above as written, do not differentiate from the disclosure 
described above and are therefore interpreted broadly. As such, the rejection with regard to the above 
argument with regard to Barkley should be maintained accordingly. 

Claim 33 

With regard to the claim above, Appellants argue that Win and Rowe do not teach defining 
permissions applicable to a selected one of functions of a financial application and objects of a 
financial application. 

The Office respectfully disagrees, and maintains that the prior art references, used in rejecting the 
claims, clearly and expressly discloses all the recited features of the claims, as currently presented, 
and that Applicant has misinterpreted and/or not fully considered all the teachings and disclosures of 
the prior arts of record. 
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Barkley discloses defining permissions applicable to functions of a financial application and objects of a 
financial application. The 25 August 2009 Office Action points to Barkley which recites: 

"The permissions granted to each role with respect to various objects by the OATs are designed to 
implement bank policy ..." [column 11, lines 57-59] 

'The role/group account_rep must be able to create and delete account files ; thus, account_rep 
has permission to traverse and write into the accounts directory , and read and delete account 
files..." [column 11, lines 63-66] 

The above passages disclose permissions or entitlements applicable to functions of a financial 
application (e.g., "account files"). The limitations for the claims above as written, do not differentiate 
from the disclosure described above and are therefore interpreted broadly. As such, the rejection with 
regard to the above argument with regard to Barkley should be maintained accordingly. 

Claim 41 

With regard to the claim above, Appellants argue that Win and Rowe do not teach modeling the 
permission information as three-tuples. 

The Office respectfully disagrees, and maintains that the prior art references, used in rejecting the 
claims, clearly and expressly discloses all the recited features of the claims, as currently presented, 
and that Applicant has misinterpreted and/or not fully considered all the teachings and disclosures of 
the prior arts of record. 

Barkley discloses modeling permission information as three-tuples. The 25 August 2009 Office Action 
points to Barkley which discloses wherein the Object Access Type indicates multiple levels of 
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permission or access information (e.g., "accounts"; "ed_to_dir"; "employee_read"; "suggestions") - 
column 11, Fig. 1. 

The limitations for the claims above as written, do not differentiate from the disclosure described 
above and are therefore interpreted broadly. As such, the rejection with regard to the above argument 
with regard to Barkley should be maintained accordingly. 

Claims 2-3, 6 and 9 

With regard to the claims above, Appellants argue that although Barkley discusses that one role may 
inherit from another role, Barkley takes a bottom-up, rather than a top-down, approach to inheritance 
and thus, teaches away from Appellant's top-down inheritance approach. 

The Office respectfully disagrees, and maintains that the prior art references, used in rejecting the 
claims, clearly and expressly discloses all the recited features of the claims, as currently presented, 
and that Applicant has misinterpreted and/or not fully considered all the teachings and disclosures of 
the prior arts of record. 

Barkley discloses wherein permissions are inherited by an entitlement group from its parent 
entitlement group in a hierarchical entitlement structure. The 25 August 2009 Office Action points to 
Barkley which recites: 

"The capability for one role to inherit another role - that is, for example, while members of 
"manager" have their own permissions, they may also inherit those of "subordinate" - is a 
common feature of RBAC models. Such a "role hierarchy" is implemented by a strict partial 
ordering on the set of roles. One can think of role inheritance as the capability for one role to be 
authorized for (or "included in") another role" [column 9, lines 48-55]. 
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"Similarly, the members of branch_manager have permission to read the accounts directory and 
account files, and to read and delete suggestion files, as noted above, while the members of 
employee have permission to read all employee files, but do not have permission to access files or 
directories associated with Object Access Type accounts" [column 12, lines 7-12]. 

It is apparent that Barkley's approach to inheritance describes an inheritance structure wherein roles 
occupying a higher level in the organization (e.g. "branch_manager") are permitted greater access 
privileges compared to roles occupying lower levels within the same organization (e.g. "members of 
employee") whose access privileges are more restricted. Thus Barkley's inheritance approach teaches 
a "top-down" inheritance methodology. The limitations for the claims above as written, do not 
differentiate from the disclosure described above and are therefore interpreted broadly. As such, the 
rejection with regard to the above argument with regard to Barkley should be maintained accordingly. 

Claim 17 

With regard to the claim above, Appellants argue that although Barkley does discuss modeling 
permissions as three-tuples, it does not represent permissions negatively. 

The Office respectfully disagrees, and maintains that the prior art references, used in rejecting the 
claims, clearly and expressly discloses all the recited features of the claims, as currently presented, 
and that Applicant has misinterpreted and/or not fully considered all the teachings and disclosures of 
the prior arts of record. 

Barkley discloses modeling permissions represented negatively as follows: 

"The permissions granted to each role with respect to various objects by the OATs are designed to 
implement bank policy. In a more specific example, the permissions granted to members of 
account_rep for each of the Object Access Types to effectuate bank policy may be implemented as 
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follows: The role/group account_rep must be able to create and delete account files... Note that 
account_rep does not have permission to read the accounts directory because bank policy is that 
account_rep does not need to be able to create a list of all account holders; similarly, account_rep 
does not have permission to write into an accounts file... while the members of employee have 
permission to real all employee files, but do not have permission to access files or directories 
associated with the OATs accounts... Note that teller has no permission to create or delete files in 
the directory accounts..." [column 11, lines 57-67; column 12, lines 1-32] 

It is evident that the above disclosure describes wherein permissions are represented negatively. The 
limitations for the claims above as written, do not differentiate from the disclosure described above 
and are therefore interpreted broadly. As such, the rejection with regard to the above argument with 
regard to Barkley should be maintained accordingly. 

(11) Related Proceeding(s) Appendix 

No decision rendered by a court or the Board is identified by the examiner in the Related Appeals and 
Interferences section of this examiner's answer. 

For the above reasons, it is believed that the rejections should be sustained. 
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